- From: Henry Story <henry.story@bblfish.net>
- Date: Thu, 17 Sep 2020 15:08:17 +0200
- To: Dan Daniel Appelquist <dan@torgo.com>
- Cc: "www-tag@w3.org" <www-tag@w3.org>, Wendy Seltzer <wseltzer@w3.org>
> On 17 Sep 2020, at 09:38, Daniel Appelquist <dan@torgo.com> wrote: > > Hi Henry - > > Thanks for bearing with us and apologies for not getting a reply to you sooner. As you may glean from the level of traffic on this list, we have moved much of our workflow out of email in favour of GitHub issues registries, such as in our Design Principles repository. We also publish a guide of working with the TAG which goes into more detail on that. We did discuss your email in one of our recent video calls, and you can read those minutes. One question that came up in discussion: last year in our Ethical Web Principles finding we said “When we are adding new web technologies and platforms, we will build them to cross regional and national boundaries.” In other words, the web should not be built to reinforce national or territorial boundaries. This seems to be at tension with the notion of “weaving the law into the web.” We also have some mixed experience with "weaving the law into the web" stemming from the Do Not Track work – and privacy-related work in general where we have struggled to build bridges between how web technology works and the patchwork of legislation that covers tracking, personal data storage and use. > > To some degree, we are wondering what you are looking for from the TAG in this instance, but this sounds like a topic that might be appropriate for a future W3C workshop? A Tag workshop would be very helpful. The ideas really need to be tested out in discussion and developed. This requires one to get the point of views of registrars, legal scholars, UI designers security architects and more... I can try addressing here a few of the points raised during the TAG meeting [1] notes as I see them. • I think Peter picked up on the main idea: "it would be nice if there is a machine readable way of declaring jurisdiction. If shopping and I'm going to spend money it would be nice to know what legal recourse I have if things go wrong. A system where you could voluntarily expose that info and do it in a way that is verifiable.” That is right, and I think doable with the standards we have (The next sentence projects perhaps too far out into the future [2]) So the idea is to allow companies and institutions that operate under legal obligations in their country of operation, to have some of that information exposed in machine readable terms, in a standard way, so that browsers can present this to the users as the official information. They would want to do that as it increases the trust people can have in their web site. This would allow me to buy a watch from the Web site of a artisan watchmaker knowing it was located in Switzerland, because there was a two way link from the web site to the registration data published by the canton Registrar on the Web. This would allow for much richer and dynamic information to be available to web browsers than is currently encodable in X509 Certificates. [3]. So here the legal space is just which country (perhaps canton) a company or institution is working from, and the WoN part is tying these different localities together in a Social-Web of nations (WoN). Think FOAF, but for nations. • So now it is easier to respond to Dan’s comment: > Not sure I particularly agree with the idea that we should be baking international legal norms or regimes into the fabric of the web? This seems like a double-edged sword. The proposal is epistemological and not coercive. Such information is present in X509 Certificates but in such a minimal form that it is useless. Here we can move to allowing those who have been collecting this information for centuries (national registrars) to publish relevant parts of it so that it can be updated live. They have a good business model for doing so: they collect taxes. • I did put together 12 further use cases here: https://medium.com/@bblfish/use-cases-for-the-web-of-nations-361c24d5eaee One I like a lot is the Verifiable Claims (VC) one: if we want to be able to produce Drivers License VCs, or over-18-years VCs, then for a web site bot to be able to authenticate these VCs, it needs to know that the institution that signed them is entitled to sign such claims. Globally. • Regarding Dan’s point re the Do-Not-Track Work and privacy. One of the use cases addresses the GDPR. A GDPR statement by a web site is only worth as much as the legal status of the site's owners. • Dan wrote: “When we are adding new web technologies and platforms, we will build them to cross regional and national boundaries.” This fits the criteria. The system works the allowing each person to choose their legal trust anchor(s). A US citizen in Europe could keep their gov.us as a trust anchor, and a French citizen in Japan could keep using gouv.fr. I am currently living in Germany, and I could use a future trust.eu as a trust anchor or in the gov.uk one or both perhaps or more. It may be prudent when doing business to use one’s countries trust anchors, as that will be the anchor one’s legal institutions use. But I am not a legal scholar, which is why the Workshop idea is so apt. Hope that helps answer some of the questions without raising too many new ones. Henry [1] https://github.com/w3ctag/meetings/blob/gh-pages/2020/telcons/08-31-minutes.md#email-from-henry-story [2] Peter’s next sentence could go way beyond the proposal "These are the laws that would cover this transaction.” Pointing directly to the law, would be quite a lot more work! That is a huge research project of machine readable law, which may show results in the long term, and probably not the way it is imagined to do so. [3] One of my arguments is that the poverty of information in X509 Certificates means that it is close to impossible for the Designers of Browser User Interfaces to do anything that could be of interest to users of those browsers. I wrote a blog post on this a few years ago with many pictures of certificates https://medium.com/cybersoton/stopping-https-phishing-42226ca9e7d9 > > Thanks, > Dan > > > > ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ > >> Dear Technical Architecture Group, >> >> Lucian Floridi, Professor at the Oxford Internet Institute >> recently published a short paper [1] >> >> "The Fight for Digital Sovereignty: What It Is, and >> Why It Matters, Especially for the EU" >> >> In my view, this problem of sovereignty has arisen in the tension >> between the extraterritoriality of the Web/Internet and the >> territoriality of law. Prof Mireille Hildebrandt gave a detailed >> history of sovereignty and territoriality 7 years ago [2]. >> >> Dame Wendy Hall and Kieron O’Hara have written about >> the 4 internets as a reality [3]. >> We have seen the rise 4 years ago of the theme of borders >> and walls transforming politics in the US and the UK. >> The problem won’t subside and the fracturing only worsen >> until this is addressed. >> >> Luckily we can use the web to heal this wound, weaving >> the law into the web. This is what I call the Web of >> Nations >> >> https://co-operating.systems/2020/06/01/WoN.pdf >> >> That paper puts the emphasis on nations, but the proposed >> architecture is completely flexible, allowing supranational >> as well as regional participation as suggested by Floridi. >> As it happens most of the technical pieces to build this >> have already been standardised by the W3C. But as a coordination >> institution the W3C is well positioned to help bring together >> the right players and help this become a reality. >> >> Henry Story >> >> [1] https://link.springer.com/epdf/10.1007/s13347-020-00423-6 >> [2] https://www.utpjournals.press/doi/abs/10.3138/utlj.1119 >> [3] https://www.cigionline.org/publications/four-internets-geopolitics-digital-governance >> >> > On 1 Apr 2020, at 20:39, Henry Story <henry.story@bblfish.net> wrote: >> > >> > Dear TAG, >> > >> > I wrote a short essay that looks at the internet and the web from >> > an immunological perspective. >> > >> > It starts like this: >> > >> > [[ >> > The Covid-19 global pandemic has taught us that immunology is not just >> > a biological phenomenon, but a personal one requiring us to adopt hygienic >> > practices, a social one and indeed with the closing of frontiers a >> > geopolitical one. But it also breaks into the space of technology with >> > requirements that we learn hygiene rules about reposting content, to limit >> > transmission of false information about the virus. >> > >> > I will show how the concept of co-immunity developed by Peter Sloterdijk >> > can give us a framework to understand this. The essay ends by developing >> > an analysis of the immunological features of the internet and locate pieces >> > that we need to make a healthier World Wide Web. >> > ]] >> > >> > https://medium.com/@bblfish/co-immunology-and-the-web-43379b46688e >> > >> > There are a number of references there that could be useful >> > to inform web architecture. >> > >> > All the best, >> > >> > Henry Story >> > >> > https://co-operating.systems >> > @bblfish >> >> Henry Story >> >> https://co-operating.systems >> WhatsApp, Signal, Tel: +33 6 38 32 69 84 >> Twitter: @bblfish >> >> > Henry Story https://co-operating.systems WhatsApp, Signal, Tel: +33 6 38 32 69 84 Twitter: @bblfish
Received on Thursday, 17 September 2020 13:08:35 UTC